
    64 vulnerabilities by wellintech

    VAR-201812-0720

    Vulnerability from variot - Updated: 2023-12-18 14:05

    WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401. WellinTech KingSCADA contains a buffer error vulnerability. The service may be put into an interrupted (DoS) state. WellinTech KingSCADA is a cross-platform SCADA system software from China's WellinTech. The software provides model application, remote centralized management deployment, multi-person simultaneous development, data acquisition and processing


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0720",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingscada",
            "scope": "lt",
            "trust": 2.4,
            "vendor": "wellintech",
            "version": "3.7.0.0.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingscada",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.7.0.0.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          }
        ]
      },
      "cve": "CVE-2018-20410",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.0,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2018-20410",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-04902",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "7d860592-463f-11e9-8c21-000c29342cb1",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2018-20410",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-20410",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-04902",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201812-1067",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "7d860592-463f-11e9-8c21-000c29342cb1",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401. WellinTech KingSCADA Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. WellinTech KingSCADA is a cross-platform SCADA system software from China\u0027s WellinTech. The software has model application, remote centralized management deployment, multi-person simultaneous development, data acquisition and processing",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-20410",
            "trust": 3.2
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "7D860592-463F-11E9-8C21-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ]
      },
      "id": "VAR-201812-0720",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          }
        ],
        "trust": 1.4
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          }
        ]
      },
      "last_update_date": "2023-12-18T14:05:17.139000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "KINGSCADA",
            "trust": 0.8,
            "url": "http://www.wellintech.com/product-kingscada.html"
          },
          {
            "title": "WellinTech KingSCADA Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88153"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/debugging.md"
          },
          {
            "trust": 1.6,
            "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20410"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20410"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-20410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-02-21T00:00:00",
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "date": "2019-02-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "date": "2019-03-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "date": "2018-12-24T02:29:00.233000",
            "db": "NVD",
            "id": "CVE-2018-20410"
          },
          {
            "date": "2018-12-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-02-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-04902"
          },
          {
            "date": "2019-03-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "date": "2020-08-24T17:37:01.140000",
            "db": "NVD",
            "id": "CVE-2018-20410"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingSCADA Buffer error vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-014112"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error",
        "sources": [
          {
            "db": "IVD",
            "id": "7d860592-463f-11e9-8c21-000c29342cb1"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201812-1067"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201108-0127

    Vulnerability from variot - Updated: 2023-12-18 14:02

    Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method. KingView is a product for building data information service platforms for industrial automation. The WellinTech KingView 'KVWebSvr.dll' ActiveX control has a boundary error when handling the parameters of the ValidateUser method. A remote attacker can exploit the vulnerability by building a malicious web page and enticing a user to load it, which executes arbitrary code in the security context of the application. WellinTech KingView ActiveX control is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. KingView 6.53 is vulnerable; other versions may also be affected. [Note: this aggregated description calls the flaw stack-based in its first sentence and heap-based later; the text shown here does not reconcile the two.]


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201108-0127",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 3.0,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.6,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.6,
            "vendor": "kingview",
            "version": "6.53"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "db": "BID",
            "id": "46757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.53:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollmann",
        "sources": [
          {
            "db": "BID",
            "id": "46757"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-3142",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2011-3142",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "b65f53aa-2354-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "7d7c1a81-463f-11e9-982d-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2011-3142",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201108-285",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "b65f53aa-2354-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "7d7c1a81-463f-11e9-982d-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method. KingView is a product for building data information service platforms for industrial automation. The ActiveX control in WellinTech KingView \u0027KVWebSvr.dll\u0027 has a boundary-condition error when handling the parameters of the ValidateUser method. A remote attacker can exploit the vulnerability by building a malicious web page and enticing a user to open it, which executes arbitrary code in the security context of the application. WellinTech KingView ActiveX control is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. \nKingView 6.53 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "db": "BID",
            "id": "46757"
          },
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 2.97
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-3142",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "46757",
            "trust": 2.5
          },
          {
            "db": "ICS CERT ALERT",
            "id": "ICS-ALERT-11-066-01",
            "trust": 2.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-11-074-01",
            "trust": 2.4
          },
          {
            "db": "OSVDB",
            "id": "72889",
            "trust": 1.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-04541",
            "trust": 1.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "16936",
            "trust": 1.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285",
            "trust": 1.2
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "B65F53AA-2354-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "7D7C1A81-463F-11E9-982D-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "660DCAD2-1F9C-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "db": "BID",
            "id": "46757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ]
      },
      "id": "VAR-201108-0127",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          }
        ],
        "trust": 1.7748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          }
        ]
      },
      "last_update_date": "2023-12-18T14:02:09.315000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/index.aspx"
          },
          {
            "title": "\u30a6\u30a7\u30ea\u30f3\u30c6\u30c3\u30af\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "Asian Control Company KingView \u0027KVWebSvr.dll\u0027 ActiveX Control Heap Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/3267"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-074-01.pdf"
          },
          {
            "trust": 2.4,
            "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-066-01.pdf"
          },
          {
            "trust": 2.2,
            "url": "http://www.securityfocus.com/bid/46757"
          },
          {
            "trust": 1.6,
            "url": "http://www.cnvd.org.cn/vulnerability/cnvd-2011-04541"
          },
          {
            "trust": 1.6,
            "url": "http://www.exploit-db.com/exploits/16936"
          },
          {
            "trust": 1.6,
            "url": "http://www.kingview.com/news/detail.aspx?contentid=537"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/72889"
          },
          {
            "trust": 1.6,
            "url": "http://www.scadahacker.com/exploits-wellintech-kvwebsvr.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3142"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3142"
          },
          {
            "trust": 0.3,
            "url": "http://en.wellintech.com/products/detail.aspx?contentid=15"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "db": "BID",
            "id": "46757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "db": "BID",
            "id": "46757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-08-17T00:00:00",
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2011-03-11T00:00:00",
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "date": "2011-03-11T00:00:00",
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2011-03-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "date": "2011-03-07T00:00:00",
            "db": "BID",
            "id": "46757"
          },
          {
            "date": "2011-12-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "date": "2011-08-16T21:55:01.273000",
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "date": "2011-08-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0956"
          },
          {
            "date": "2015-04-13T21:01:00",
            "db": "BID",
            "id": "46757"
          },
          {
            "date": "2011-12-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-003494"
          },
          {
            "date": "2012-03-16T04:00:00",
            "db": "NVD",
            "id": "CVE-2011-3142"
          },
          {
            "date": "2011-08-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView KVWebSvr.dll ActiveX Control Stack Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "b65f53aa-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "7d7c1a81-463f-11e9-982d-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "660dcad2-1f9c-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-285"
          }
        ],
        "trust": 1.2
      }
    }

    VAR-201101-0115

    Vulnerability from variot - Updated: 2023-12-18 13:44

    Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777. WellinTech KingView 6.53 contains a heap overflow vulnerability. The HistorySrv service (777/tcp) of WellinTech KingView 6.53 has a heap overflow vulnerability when processing crafted Flink and Blink pointers. Attack code using this vulnerability has been released. A third party with access to the WellinTech KingView service may cause service disruption (DoS) or execute arbitrary code with user privileges. KingView is the configuration software in the HMI/SCADA series products produced by Beijing Yakong. This software is mainly used for process control and management monitoring of industrial automation. The software is deployed on the Windows operating system platform, and service port 777 is opened for historical data synchronization. Because HistorySvr.exe, the process listening on port 777, does not apply adequate security controls when processing data, an attacker can send a specially constructed data packet to the service port to crash the service or trigger the overflow and gain administrative privileges on the host operating system. An attacker who additionally guesses the username and password of the KingView 6.53 management system installed on the host would directly gain control of the industrial system associated with it. KingView is prone to a heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions. KingView 6.53 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------



    TITLE: KingView HistorySvr Service Buffer Overflow Vulnerability

    SECUNIA ADVISORY ID: SA42851

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42851/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42851

    RELEASE DATE: 2011-01-11

    DISCUSS ADVISORY: http://secunia.com/advisories/42851/#comments


    DESCRIPTION: A vulnerability has been discovered in KingView, which can be exploited by malicious people to compromise a vulnerable system.

    Successful exploitation may allow execution of arbitrary code.

    The vulnerability is confirmed in version 6.53.

    SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists).

    PROVIDED AND/OR DISCOVERED BY: Dillon Beresford




    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201101-0115",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wellintech",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingview",
            "version": "6.53"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "db": "BID",
            "id": "45727"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.53:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Dillon Beresford",
        "sources": [
          {
            "db": "BID",
            "id": "45727"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2011-0406",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2011-0406",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "7d760001-463f-11e9-be76-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "76fcfd92-2355-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2011-0406",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#180119",
                "trust": 0.8,
                "value": "91.20"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201101-108",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "7d760001-463f-11e9-be76-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "76fcfd92-2355-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2011-0406",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-0406"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777. WellinTech KingView 6.53 contains a heap overflow vulnerability. The HistorySrv service (777/tcp) of WellinTech KingView 6.53 has a heap overflow vulnerability when processing crafted Flink and Blink pointers. Attack code using this vulnerability has been released. A third party with access to WellinTech KingView may disrupt the service (DoS) or execute arbitrary code with user privileges. KingView is the configuration software in the HMI / SCADA series products produced by Beijing Yakong. This software is mainly used for process control and management monitoring of industrial automation. The software is deployed on the Windows operating system platform, and the 777 service port is opened for historical data synchronization. Because its 777 service port listening process, HistorySvr.exe, does not have adequate security controls in the process of processing data, an attacker can cause the service to crash or achieve overflow by sending a specially constructed data packet to the service port to gain operating system host management permissions. If you further guess the KingView 6.53 management system username and password installed on the host, you will directly gain control of the industrial system associated with it. KingView is prone to a heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions. \nKingView 6.53 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). 
\n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nKingView HistorySvr Service Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA42851\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42851/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42851\n\nRELEASE DATE:\n2011-01-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42851/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42851/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42851\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been discovered in KingView, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is confirmed in version 6.53. \n\nSOLUTION:\nRestrict access to trusted hosts only (e.g. via network access\ncontrol lists). 
\n\nPROVIDED AND/OR DISCOVERED BY:\nDillon Beresford\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "db": "BID",
            "id": "45727"
          },
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-0406"
          },
          {
            "db": "PACKETSTORM",
            "id": "97369"
          }
        ],
        "trust": 3.69
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=15957",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2011-0406"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-0406",
            "trust": 3.8
          },
          {
            "db": "SECUNIA",
            "id": "42851",
            "trust": 3.4
          },
          {
            "db": "CERT/CC",
            "id": "VU#180119",
            "trust": 3.0
          },
          {
            "db": "BID",
            "id": "45727",
            "trust": 2.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0063",
            "trust": 2.5
          },
          {
            "db": "OSVDB",
            "id": "70366",
            "trust": 1.9
          },
          {
            "db": "EXPLOIT-DB",
            "id": "15957",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-11-017-01",
            "trust": 1.6
          },
          {
            "db": "XF",
            "id": "64559",
            "trust": 1.4
          },
          {
            "db": "SREASON",
            "id": "8134",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "7D760001-463F-11E9-BE76-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "76FCFD92-2355-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-0406",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "97369",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-0406"
          },
          {
            "db": "BID",
            "id": "45727"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "db": "PACKETSTORM",
            "id": "97369"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ]
      },
      "id": "VAR-201101-0115",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          }
        ],
        "trust": 1.5748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:44:46.224000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "KingView6.52\u30686.53\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/news.htm#news20110118"
          },
          {
            "title": "Asian control company KingView has a buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/2580"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "http://secunia.com/advisories/42851"
          },
          {
            "trust": 2.8,
            "url": "http://www.kingview.com/news/detail.aspx?contentid=528"
          },
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/45727"
          },
          {
            "trust": 2.5,
            "url": "http://www.vupen.com/english/advisories/2011/0063"
          },
          {
            "trust": 2.3,
            "url": "http://www.kb.cert.org/vuls/id/180119"
          },
          {
            "trust": 2.2,
            "url": "http://thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.cnnvd.org.cn/showcnnvd.html?id=2011010108"
          },
          {
            "trust": 1.9,
            "url": "http://osvdb.org/70366"
          },
          {
            "trust": 1.7,
            "url": "http://www.exploit-db.com/exploits/15957"
          },
          {
            "trust": 1.6,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-017-01.pdf"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/64559"
          },
          {
            "trust": 1.1,
            "url": "http://securityreason.com/securityalert/8134"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64559"
          },
          {
            "trust": 0.8,
            "url": "http://thesauceofutterpwnage.blogspot.com/2011/01/wellintech-issues-security-patch-to.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.cert.org.cn/articles/bulletin/common/2011011325250.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://threatpost.com/en_us/blogs/china-cert-we-missed-report-scada-hole-011311"
          },
          {
            "trust": 0.8,
            "url": "http://en.wellintech.com/products/detail.aspx?contentid=25"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0406"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu180119"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0406"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.exploit-db.com/exploits/15957/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/products/corporate/evm/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42851/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/products/corporate/vim/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/42851/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42851"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-0406"
          },
          {
            "db": "BID",
            "id": "45727"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "db": "PACKETSTORM",
            "id": "97369"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-0406"
          },
          {
            "db": "BID",
            "id": "45727"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "db": "PACKETSTORM",
            "id": "97369"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-13T00:00:00",
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "date": "2011-01-13T00:00:00",
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2011-01-12T00:00:00",
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "date": "2011-01-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "date": "2011-01-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-0406"
          },
          {
            "date": "2011-01-09T00:00:00",
            "db": "BID",
            "id": "45727"
          },
          {
            "date": "2011-02-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "date": "2011-01-10T06:32:29",
            "db": "PACKETSTORM",
            "id": "97369"
          },
          {
            "date": "2011-01-11T03:00:06",
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "date": "2011-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-01-18T00:00:00",
            "db": "CERT/CC",
            "id": "VU#180119"
          },
          {
            "date": "2019-12-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-0160"
          },
          {
            "date": "2017-08-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-0406"
          },
          {
            "date": "2011-03-16T14:07:00",
            "db": "BID",
            "id": "45727"
          },
          {
            "date": "2011-02-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001026"
          },
          {
            "date": "2017-08-17T01:33:29.213000",
            "db": "NVD",
            "id": "CVE-2011-0406"
          },
          {
            "date": "2011-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView 6.53 remote heap overflow vulnerability",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#180119"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "7d760001-463f-11e9-be76-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "76fcfd92-2355-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201101-108"
          }
        ],
        "trust": 1.0
      }
    }

    VAR-201802-1244

    Vulnerability from variot - Updated: 2023-12-18 13:19

    KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations. KingView contains an integer overflow vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). KingView is the first domestic company to launch industrial configuration software products.

    Asian Control Technology KingView has an integer overflow vulnerability. The vulnerability occurs because, when a stgopenstorage read fails, the returned error code is outside the range of int on 32-bit systems. An attacker could use this vulnerability to execute arbitrary code.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201802-1244",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "bj tct",
            "version": "7.5"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "7.5sp1"
          },
          {
            "model": "kingview 7.5sp1",
            "scope": null,
            "trust": 0.6,
            "vendor": "yakong",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "7.5"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:bj-tct:kingview:7.5:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          }
        ]
      },
      "cve": "CVE-2018-7471",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.2,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2018-7471",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2018-00995",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2018-7471",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2018-7471",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-00995",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201802-621",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations. KingView contains an integer overflow vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). KingView is the first domestic company to launch industrial configuration software products. \n\nAsian Control Technology KingView has an integer overflow vulnerability. This vulnerability is due to stgopenstorage read failure, and the returned error code is beyond the range of int on 32-bit systems. An attacker could use this vulnerability to execute arbitrary code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-7471",
            "trust": 3.2
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2E6D401-39AB-11E9-8F1D-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ]
      },
      "id": "VAR-201802-1244",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          }
        ],
        "trust": 1.5874053
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:19:11.616000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "KingView (1000656)",
            "trust": 0.8,
            "url": "http://www.kingview.com/news_info.php?num=1000656"
          },
          {
            "title": "Asian Controlling King has an integer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/112771"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.cnvd.org.cn/flaw/show/1202823"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7471"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7471"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-01-15T00:00:00",
            "db": "IVD",
            "id": "e2e6d401-39ab-11e9-8f1d-000c29342cb1"
          },
          {
            "date": "2018-02-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "date": "2018-04-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "date": "2018-02-25T07:29:00.337000",
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "date": "2018-02-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-03-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-00995"
          },
          {
            "date": "2018-04-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          },
          {
            "date": "2018-03-17T10:33:49.040000",
            "db": "NVD",
            "id": "CVE-2018-7471"
          },
          {
            "date": "2018-02-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "KingView Integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-002331"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201802-621"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201112-0059

    Vulnerability from variot - Updated: 2023-12-18 13:15

    Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called HistoryServer.exe and listens on port 777. When a packet with op-code 3 is received, the service allocates memory from the heap based on the 10th and 11th bytes of the packet (element count). Packet data is then copied into the allocated buffer based on the first two bytes of the packet (packet size). Because the allocation size and the copy length are taken from different fields of the packet and, per the advisory, the input is not properly validated, the copy can write past the end of the heap buffer. KingView is a product for building data information service platforms for industrial automation. This vulnerability can be triggered by sending a data message of more than a certain length to TCP port 777. KingView is prone to a heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions. KingView 65.30.2010.18018 is vulnerable; other versions may also be affected. ----------------------------------------------------------------------



    TITLE: KingView HistorySvr Buffer Overflow Vulnerability

    SECUNIA ADVISORY ID: SA47339

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47339/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47339

    RELEASE DATE: 2011-12-22

    DISCUSS ADVISORY: http://secunia.com/advisories/47339/#comments


    DESCRIPTION: A vulnerability has been reported in KingView, which can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an unspecified error in the nettransdll.dll module of the HistorySvr component.

    The vulnerability is reported in version 6.53 (65.30.2010.18018).

    SOLUTION: Apply patch.

    PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Luigi Auriemma via ZDI.

    ORIGINAL ADVISORY: KingView: http://en.wellintech.com/news/detail.aspx?contentid=166

    ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-11-355-02.pdf





    .

    • -- Vendor Response:

    WellinTech has issued an update to correct this vulnerability. More details can be found at:

    http://www.kingview.com/news/detail.aspx?contentid=587

    • -- Disclosure Timeline: 2011-11-09 - Vulnerability reported to vendor 2011-12-22 - Coordinated public release of advisory

    • -- Credit: This vulnerability was discovered by:

    • Luigi Auriemma

    • -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

    Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com
    

    The ZDI is unique in how the acquired vulnerability information is used. Upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

    Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/
    

    Follow the ZDI on Twitter:

    http://twitter.com/thezdi
    

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32)

    iQEcBAEBAgAGBQJO81sqAAoJEFVtgMGTo1scImgIAKikq6VqLK8P6zI5vIfUX3/I hJ2Ee4eAEB1P3qsehw3G4ZelP6uJUbxrVAl0UoyFctPQL+Jh+XkKmiJskzzTlvtz 3TfL0RZBgSnHHUnusjxdpDO7kmzIlFIMbWJgQLGaRRVTVXLukSgFws7cdAH1lo4V c64jAXagVvv9gJUHGUMemqR+tpHxSa7YRdribO/P192cc31z7wh/ybjIP7dCev9O zpH5sQ1PFgaVb8CMLxMbHiVVzCgbzJ59q/ydoG5TUo2XnDkinthQ3VNoGaeGIKWZ aLMrG+gREbfsdKBvlgzcAgAjIQHVeK8SiIZBICrVcHYFED5BQtmyKhzUJG+md/E= =BHoc -----END PGP SIGNATURE-----




    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0059",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "wellintech",
            "version": "65.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": null,
            "trust": 0.7,
            "vendor": "wellintech",
            "version": null
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.53"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.2010.18018"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "db": "BID",
            "id": "51159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.53:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Luigi Auriemma",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "BID",
            "id": "51159"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ],
        "trust": 1.6
      },
      "cve": "CVE-2011-4536",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2011-4536",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 1.5,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "4563be20-2354-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2011-4536",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2011-4536",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201112-404",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "4563be20-2354-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called HistoryServer.exe and listens on port 777. When a packet with op-code 3 is received, the service allocates memory from the heap based on the 10th and 11th bytes of the packet (element count). Packet data is then copied into the allocated buffer based on the first two bytes of the packet (packet size). KingView is a product for building data information service platforms for industrial automation. This vulnerability can be triggered by sending a data message of more than a certain length to the TCP 777 port. KingView is prone to a heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions. \nKingView 65.30.2010.18018 is vulnerable; other versions may also be affected. 
----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nKingView HistorySvr Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA47339\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47339/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47339\n\nRELEASE DATE:\n2011-12-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47339/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47339/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47339\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in KingView, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nThe vulnerability is caused due to an unspecified error in the\nnettransdll.dll module of the HistorySvr component. \n\nThe vulnerability is reported in version 6.53 (65.30.2010.18018). \n\nSOLUTION:\nApply patch. \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Luigi Auriemma via ZDI. 
\n\nORIGINAL ADVISORY:\nKingView:\nhttp://en.wellintech.com/news/detail.aspx?contentid=166\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-11-355-02.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n- -- Vendor Response:\n\nWellinTech has issued an update to correct this vulnerability. 
More\ndetails can be found at:\n\nhttp://www.kingview.com/news/detail.aspx?contentid=587\n\n\n\n- -- Disclosure Timeline:\n2011-11-09 - Vulnerability reported to vendor\n2011-12-22 - Coordinated public release of advisory\n\n- -- Credit:\nThis vulnerability was discovered by:\n\n* Luigi Auriemma\n\n\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n    http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. 
\n\nOur vulnerability disclosure policy is available online at:\n\n    http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n    http://twitter.com/thezdi\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.17 (MingW32)\n\niQEcBAEBAgAGBQJO81sqAAoJEFVtgMGTo1scImgIAKikq6VqLK8P6zI5vIfUX3/I\nhJ2Ee4eAEB1P3qsehw3G4ZelP6uJUbxrVAl0UoyFctPQL+Jh+XkKmiJskzzTlvtz\n3TfL0RZBgSnHHUnusjxdpDO7kmzIlFIMbWJgQLGaRRVTVXLukSgFws7cdAH1lo4V\nc64jAXagVvv9gJUHGUMemqR+tpHxSa7YRdribO/P192cc31z7wh/ybjIP7dCev9O\nzpH5sQ1PFgaVb8CMLxMbHiVVzCgbzJ59q/ydoG5TUo2XnDkinthQ3VNoGaeGIKWZ\naLMrG+gREbfsdKBvlgzcAgAjIQHVeK8SiIZBICrVcHYFED5BQtmyKhzUJG+md/E=\n=BHoc\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "db": "BID",
            "id": "51159"
          },
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "108117"
          },
          {
            "db": "PACKETSTORM",
            "id": "108092"
          }
        ],
        "trust": 3.42
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4536",
            "trust": 4.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-11-355-02",
            "trust": 3.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-11-351",
            "trust": 2.7
          },
          {
            "db": "SECUNIA",
            "id": "47339",
            "trust": 1.8
          },
          {
            "db": "OSVDB",
            "id": "77992",
            "trust": 1.6
          },
          {
            "db": "BID",
            "id": "51159",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-1261",
            "trust": 0.7
          },
          {
            "db": "NSFOCUS",
            "id": "18383",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "4563BE20-2354-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "108117",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "108092",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "db": "BID",
            "id": "51159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "PACKETSTORM",
            "id": "108117"
          },
          {
            "db": "PACKETSTORM",
            "id": "108092"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "id": "VAR-201112-0059",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          }
        ],
        "trust": 1.3748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:15:09.236000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "166",
            "trust": 0.8,
            "url": "http://en.wellintech.com/news/detail.aspx?contentid=166"
          },
          {
            "title": "KingView6.52\u30686.53\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/news.htm#news20110118"
          },
          {
            "title": "\u30a6\u30a7\u30ea\u30f3\u30c6\u30c3\u30af\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e ",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "http://www.kingview.com/news/detail.aspx?contentid=587"
          },
          {
            "title": "KingView \u0027HistoryServer.exe\u0027 patch based on heap buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/6441"
          },
          {
            "title": "nettransdll",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=42232"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.4,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-355-02.pdf"
          },
          {
            "trust": 2.7,
            "url": "http://www.kingview.com/news/detail.aspx?contentid=587"
          },
          {
            "trust": 1.9,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-11-351/"
          },
          {
            "trust": 1.7,
            "url": "http://en.wellintech.com/news/detail.aspx?contentid=166"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/47339"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/77992"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4536"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4536"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/51159"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/18383"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47339"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/company/jobs/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/47339/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/47339/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-11-351"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4536"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://twitter.com/thezdi"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "db": "BID",
            "id": "51159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "PACKETSTORM",
            "id": "108117"
          },
          {
            "db": "PACKETSTORM",
            "id": "108092"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "db": "BID",
            "id": "51159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "db": "PACKETSTORM",
            "id": "108117"
          },
          {
            "db": "PACKETSTORM",
            "id": "108092"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-12-23T00:00:00",
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2011-12-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "date": "2011-12-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "date": "2011-12-21T00:00:00",
            "db": "BID",
            "id": "51159"
          },
          {
            "date": "2011-12-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "date": "2011-12-22T08:52:41",
            "db": "PACKETSTORM",
            "id": "108117"
          },
          {
            "date": "2011-12-22T19:31:56",
            "db": "PACKETSTORM",
            "id": "108092"
          },
          {
            "date": "2011-12-27T04:01:39.857000",
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-12-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-11-351"
          },
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          },
          {
            "date": "2011-12-22T19:30:00",
            "db": "BID",
            "id": "51159"
          },
          {
            "date": "2011-12-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-002874"
          },
          {
            "date": "2011-12-27T15:40:25.757000",
            "db": "NVD",
            "id": "CVE-2011-4536"
          },
          {
            "date": "2012-01-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "KingView \u0027HistoryServer.exe\u0027 Heap-based buffer overflow vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-5419"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "4563be20-2354-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201112-404"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201401-0055

    Vulnerability from variot - Updated: 2023-12-18 13:14

    An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the kxClientDownload.ocx ActiveX control. An attacker can leverage this vulnerability to execute code under the context of the administrator. KingSCADA is a versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases and relational databases. Multiple WellinTech products are prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely result in denial-of-service conditions.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0055",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kinggraphic",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kingscada",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kinggraphic",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kingalarm\\\u0026event",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "2.0.2"
          },
          {
            "model": "kingalarm\u0026event",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kinggraphic",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "3.1.2"
          },
          {
            "model": "kingscada",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "3.1.2"
          },
          {
            "model": "kingscada kinggraphic",
            "scope": null,
            "trust": 0.7,
            "vendor": "wellintech",
            "version": null
          },
          {
            "model": "kingalarm\u0026event",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "2.0.2"
          },
          {
            "model": "kingalarm\\\u0026event",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "2.0.2"
          },
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingalarm event",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kinggraphic",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingscada",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "db": "BID",
            "id": "64941"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingalarm\\\u0026event:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kinggraphic:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Andrea Micalizzi aka rgod",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2013-2827",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2013-2827",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 1.5,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-00422",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "4c4faa70-2352-11e6-abef-000c29c66e3d",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-2827",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2013-2827",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00422",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201401-298",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "4c4faa70-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the kxClientDownload.ocx ActiveX control. An attacker can leverage this vulnerability to execute code under the context of the administrator. KingSCADA is a versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases and relational databases. Multiple WellinTech products are prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely result in denial-of-service conditions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "db": "BID",
            "id": "64941"
          },
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-2827",
            "trust": 4.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-344-01",
            "trust": 3.0
          },
          {
            "db": "BID",
            "id": "64941",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-1552",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-011",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "56443",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "4C4FAA70-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "db": "BID",
            "id": "64941"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "id": "VAR-201401-0055",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          }
        ],
        "trust": 1.4583333333333335
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:14:53.902000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-344-01"
          },
          {
            "title": "Patch of multiple WellinTech product ActiveX remote code execution vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/42551"
          },
          {
            "title": "KingGraphic3.1.2_EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47598"
          },
          {
            "title": "KingAlarm\u0026Event3.1_EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47597"
          },
          {
            "title": "KingSCADA3.1.2_EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=47596"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-94",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-344-01"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2827"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2827"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/56443/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "db": "BID",
            "id": "64941"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-17T00:00:00",
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "date": "2014-01-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "date": "2014-01-14T00:00:00",
            "db": "BID",
            "id": "64941"
          },
          {
            "date": "2014-01-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "date": "2014-01-15T16:08:18.173000",
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "date": "2014-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-011"
          },
          {
            "date": "2014-01-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00422"
          },
          {
            "date": "2014-08-01T01:11:00",
            "db": "BID",
            "id": "64941"
          },
          {
            "date": "2014-01-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          },
          {
            "date": "2014-01-16T17:21:02.680000",
            "db": "NVD",
            "id": "CVE-2013-2827"
          },
          {
            "date": "2014-01-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  WellinTech Product  ActiveX Any in control  DLL Code download vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001176"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Code injection",
        "sources": [
          {
            "db": "IVD",
            "id": "4c4faa70-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-298"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201401-0054

    Vulnerability from variot - Updated: 2023-12-18 13:14

    WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm&Event. Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130. Authentication to this service is performed locally through the KAEClientManager console but no authentication is performed against remote connections. A remote attacker with knowledge of the protocol can use this to disclose certain credentials and log in to the Oracle database as a legitimate user. KingSCADA is a versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases and relational databases. Multiple WellinTech products are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0054",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kinggraphic",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kingscada",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kinggraphic",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kingalarm\\\u0026event",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "2.0.2"
          },
          {
            "model": "kingalarm\u0026event",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kinggraphic",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "3.1.2"
          },
          {
            "model": "kingscada",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "3.1.2"
          },
          {
            "model": "kingalarm \u0026 event",
            "scope": null,
            "trust": 0.7,
            "vendor": "wellintech",
            "version": null
          },
          {
            "model": "kingalarm\u0026event",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "2.0.2"
          },
          {
            "model": "kingalarm\\\u0026event",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "2.0.2"
          },
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingalarm event",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kinggraphic",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingscada",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "db": "BID",
            "id": "64938"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingalarm\\\u0026event:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.0.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kinggraphic:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Andrea Micalizzi aka rgod",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2013-2826",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.4,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2013-2826",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-2826",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2014-00423",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "4c53be94-2352-11e6-abef-000c29c66e3d",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-2826",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "ZDI",
                "id": "CVE-2013-2826",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-00423",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201401-297",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "4c53be94-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingSCADA before 3.1.2, KingAlarm\u0026Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingSCADA KingAlarm\u0026Event. Authentication is not required to exploit this vulnerability. The specific flaw exists within KAEManageServer.exe, which listens by default on TCP port 8130.  Authentication to this service is performed locally through the KAEClientManager console but no authentication is performed against remote connections. A remote attacker with knowledge of the protocol can use this to disclose certain credentials and login to the Oracle database as a legitimate user. KingSCADA is a versatile industrial monitoring software that integrates process control design, field operations and plant resource management. KingGraphic can access data from multiple industrial real-time databases and relational databases. Wait. Multiple WellinTech products are prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "db": "BID",
            "id": "64938"
          },
          {
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 3.24
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-2826",
            "trust": 4.2
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-344-01",
            "trust": 3.0
          },
          {
            "db": "BID",
            "id": "64938",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-1553",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-012",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "56443",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "4C53BE94-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "db": "BID",
            "id": "64938"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ]
      },
      "id": "VAR-201401-0054",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          }
        ],
        "trust": 1.4583333333333335
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:14:53.860000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-344-01"
          },
          {
            "title": "Patch of multiple WellinTech products ActiveX Remote Information Disclosure Vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/42548"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.7,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-344-01"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2826"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2826"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/56443/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "db": "BID",
            "id": "64938"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-01-17T00:00:00",
            "db": "IVD",
            "id": "4c53be94-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "date": "2014-01-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "date": "2014-01-14T00:00:00",
            "db": "BID",
            "id": "64938"
          },
          {
            "date": "2014-01-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "date": "2014-01-15T16:08:18.140000",
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "date": "2014-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-02-05T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-012"
          },
          {
            "date": "2014-01-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-00423"
          },
          {
            "date": "2014-02-05T17:45:00",
            "db": "BID",
            "id": "64938"
          },
          {
            "date": "2014-01-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          },
          {
            "date": "2014-01-16T17:18:57.317000",
            "db": "NVD",
            "id": "CVE-2013-2826"
          },
          {
            "date": "2014-01-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  WellinTech Vulnerabilities that can bypass access restrictions in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001175"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201401-297"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201205-0303

    Vulnerability from variot - Updated: 2023-12-18 13:09

    Untrusted search path vulnerability in WellinTech KingView 6.53 allows local users to gain privileges via a Trojan horse DLL in the current working directory. WellinTech KingView contains a vulnerability that allows privileges to be gained because its handling of the search path is inadequate. Supplementary information: the CWE vulnerability type has been identified as CWE-426: Untrusted Search Path. Privileges may be gained through a DLL file. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView loads DLL files in an unsafe manner: an attacker can place malicious files on a remote WebDAV or SMB share and entice a user to open them, causing malicious libraries to be loaded in the application context. WellinTech KingView is prone to a vulnerability which allows attackers to execute arbitrary code. KingView 6.53 is vulnerable; other versions may also be affected.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201205-0303",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "65.30.17249 before"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.53"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "db": "BID",
            "id": "53316"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.53:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollmann",
        "sources": [
          {
            "db": "BID",
            "id": "53316"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-1819",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": true,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-1819",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "e7a66bac-2353-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-1819",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201205-012",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e7a66bac-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Untrusted search path vulnerability in WellinTech KingView 6.53 allows local users to gain privileges via a Trojan horse DLL in the current working directory. WellinTech KingView contains a vulnerability that allows privileges to be gained because its search-path handling is inadequate. Supplementary information: the CWE vulnerability type has been identified as CWE-426: Untrusted Search Path. Privileges may be gained through a DLL file. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView loads DLL files in an unsafe manner: an attacker can place malicious files on a remote WebDAV or SMB share and entice the user to open them, which causes a malicious library to be loaded in the application context. WellinTech KingView is prone to a vulnerability which allows attackers to execute arbitrary code. \nKingView 6.53 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "db": "BID",
            "id": "53316"
          },
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-1819",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-122-01",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "53316",
            "trust": 1.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E7A66BAC-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "db": "BID",
            "id": "53316"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "id": "VAR-201205-0303",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          }
        ],
        "trust": 1.3748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:09:43.555000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Product News - Patch for KingView 6.53",
            "trust": 0.8,
            "url": "http://en.wellintech.com/news/detail.aspx?contentid=168"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/index.aspx"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingView DLL loads patches for arbitrary code execution vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/16593"
          },
          {
            "title": "KV20120322-EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43042"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-122-01.pdf"
          },
          {
            "trust": 1.6,
            "url": "http://en.wellintech.com/news/detail.aspx?contentid=168"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/53316"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75309"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1819"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1819"
          },
          {
            "trust": 0.3,
            "url": "http://blog.rapid7.com/?p=5325"
          },
          {
            "trust": 0.3,
            "url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
          },
          {
            "trust": 0.3,
            "url": "http://en.wellintech.com/products/detail.aspx?contentid=15"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "db": "BID",
            "id": "53316"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "db": "BID",
            "id": "53316"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-05-03T00:00:00",
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-05-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "date": "2012-05-01T00:00:00",
            "db": "BID",
            "id": "53316"
          },
          {
            "date": "2012-05-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "date": "2012-05-02T22:55:02.140000",
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "date": "2012-05-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-2253"
          },
          {
            "date": "2012-05-01T00:00:00",
            "db": "BID",
            "id": "53316"
          },
          {
            "date": "2012-05-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          },
          {
            "date": "2017-12-14T02:29:01.590000",
            "db": "NVD",
            "id": "CVE-2012-1819"
          },
          {
            "date": "2012-05-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vulnerability in WellinTech KingView that allows privileges to be gained",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-005042"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "IVD",
            "id": "e7a66bac-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-012"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201404-0552

    Vulnerability from variot - Updated: 2023-12-18 13:09

    Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is called AEserver.exe and listens on port 12401. The process performs arithmetic on a user-supplied value used to determine the size of a copy operation, allowing a potential integer wrap to cause a stack buffer overflow. An unauthenticated attacker can leverage this vulnerability to execute code under the context of the SYSTEM user. The KingSCADA family of products is a Windows-based monitoring and data acquisition application. WellinTech KingSCADA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. KingSCADA versions prior to 3.1.2.13 are vulnerable


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0552",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "3.1"
          },
          {
            "model": "kingscada",
            "scope": null,
            "trust": 1.3,
            "vendor": "wellintech",
            "version": null
          },
          {
            "model": "kingscada",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "3.1.2"
          },
          {
            "model": "kingscada",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "3.1.2.13"
          },
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "3.1.2"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingscada",
            "version": "3.1"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingscada",
            "version": "*"
          },
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wellintech",
            "version": "3.0"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "db": "BID",
            "id": "66709"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingscada:3.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingscada:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Anonymous",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2014-0787",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2014-0787",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 1.6,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2014-02211",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "16b033d0-2352-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "101475fc-1ee0-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2014-0787",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "ZDI",
                "id": "CVE-2014-0787",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2014-02211",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201404-179",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "16b033d0-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "101475fc-1ee0-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2014-0787",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-0787"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is called AEserver.exe and listens on port 12401. The process performs arithmetic on a user-supplied value used to determine the size of a copy operation, allowing a potential integer wrap to cause a stack buffer overflow. An unauthenticated attacker can leverage this vulnerability to execute code under the context of the SYSTEM user. The KingSCADA family of products is a Windows-based monitoring and data acquisition application. WellinTech KingSCADA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Failed attacks will likely cause denial-of-service conditions. \nKingSCADA versions prior to 3.1.2.13 are vulnerable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "db": "BID",
            "id": "66709"
          },
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-0787"
          }
        ],
        "trust": 3.51
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42724",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2014-0787"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-0787",
            "trust": 4.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-14-098-02",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "66709",
            "trust": 2.0
          },
          {
            "db": "EXPLOIT-DB",
            "id": "42724",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211",
            "trust": 1.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-1780",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-071",
            "trust": 0.7
          },
          {
            "db": "OSVDB",
            "id": "105574",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "16B033D0-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "101475FC-1EE0-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-0787",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-0787"
          },
          {
            "db": "BID",
            "id": "66709"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "id": "VAR-201404-0552",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:09:25.760000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Software Download",
            "trust": 0.8,
            "url": "http://www.wellintech.com/index.php?option=com_content\u0026view=article\u0026id=56\u0026itemid=11"
          },
          {
            "title": "KingSCADA",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/kaisyaseihin.htm#kingscada"
          },
          {
            "title": "WellinTech has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-098-02"
          },
          {
            "title": "WellinTech KingSCADA Stack Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/44743"
          },
          {
            "title": "KingSCADA3.1.2.13_EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49249"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.9,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-14-098-02"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/42724/"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/66709"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0787"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0787"
          },
          {
            "trust": 0.6,
            "url": "http://osvdb.com/show/osvdb/105574"
          },
          {
            "trust": 0.3,
            "url": "http://en.wellintech.com/products/detail.aspx?contentid=14"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33710"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-0787"
          },
          {
            "db": "BID",
            "id": "66709"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-0787"
          },
          {
            "db": "BID",
            "id": "66709"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-04-11T00:00:00",
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-04-11T00:00:00",
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2014-04-10T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "date": "2014-04-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "date": "2014-04-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-0787"
          },
          {
            "date": "2014-04-08T00:00:00",
            "db": "BID",
            "id": "66709"
          },
          {
            "date": "2014-04-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "date": "2014-04-12T04:37:31.737000",
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "date": "2014-04-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-04-10T00:00:00",
            "db": "ZDI",
            "id": "ZDI-14-071"
          },
          {
            "date": "2014-04-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          },
          {
            "date": "2017-09-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-0787"
          },
          {
            "date": "2014-08-01T00:22:00",
            "db": "BID",
            "id": "66709"
          },
          {
            "date": "2014-04-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-001985"
          },
          {
            "date": "2017-09-17T01:29:00.513000",
            "db": "NVD",
            "id": "CVE-2014-0787"
          },
          {
            "date": "2014-04-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingSCADA Stack Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2014-02211"
          }
        ],
        "trust": 1.0
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "16b033d0-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "101475fc-1ee0-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201404-179"
          }
        ],
        "trust": 1.0
      }
    }

    VAR-202303-1622

    Vulnerability from variot - Updated: 2023-12-18 12:41

    An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. WellinTech KingHistorian contains a vulnerability related to conversion errors between numeric types. Information may be obtained or tampered with, and service operation may be interrupted (DoS).


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202303-1622",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kinghistorian",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "wellintech",
            "version": "35.01.00.05"
          },
          {
            "model": "kinghistorian",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": null
          },
          {
            "model": "kinghistorian",
            "scope": null,
            "trust": 0.8,
            "vendor": "wellintech",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Discovered by Carl Hurd of Cisco Talos.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2022-43663",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "talos-cna@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-43663",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-43663",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "talos-cna@cisco.com",
                "id": "CVE-2022-43663",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202303-1521",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. WellinTech KingHistorian contains a vulnerability related to conversion errors between numeric types. Information may be obtained or tampered with, and service operation may be interrupted (DoS).",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-43663",
            "trust": 3.2
          },
          {
            "db": "TALOS",
            "id": "TALOS-2022-1674",
            "trust": 2.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-23-199-07",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU98974634",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2023.4068",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ]
      },
      "id": "VAR-202303-1622",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5833333
      },
      "last_update_date": "2023-12-18T12:41:15.855000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "WellinTech KingHistorian Fixes for code issue vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=230082"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-681",
            "trust": 1.0
          },
          {
            "problemtype": "Error in conversion between numeric types (CWE-681) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.0,
            "url": "https://talosintelligence.com/vulnerability_reports/talos-2022-1674"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu98974634/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-43663"
          },
          {
            "trust": 0.8,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-07"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-43663/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2023.4068"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-11-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "date": "2023-03-20T21:15:10.533000",
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "date": "2023-03-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-11-08T04:49:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          },
          {
            "date": "2023-07-06T14:40:23.830000",
            "db": "NVD",
            "id": "CVE-2022-43663"
          },
          {
            "date": "2023-07-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vulnerability regarding conversion error between numeric types in WellinTech KingHistorian",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021057"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1521"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202303-1661

    Vulnerability from variot - Updated: 2023-12-18 12:41

    An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability. WellinTech KingHistorian contains an authentication vulnerability. Information may be obtained.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202303-1661",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kinghistorian",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "wellintech",
            "version": "35.01.00.05"
          },
          {
            "model": "kinghistorian",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": null
          },
          {
            "model": "kinghistorian",
            "scope": null,
            "trust": 0.8,
            "vendor": "wellintech",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Discovered by Carl Hurd of Cisco Talos.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2022-45124",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-45124",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2022-45124",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "talos-cna@cisco.com",
                "id": "CVE-2022-45124",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202303-1520",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability. WellinTech KingHistorian contains an authentication vulnerability. Information may be obtained.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-45124",
            "trust": 3.2
          },
          {
            "db": "TALOS",
            "id": "TALOS-2022-1683",
            "trust": 2.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-23-199-07",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU98974634",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2023.4068",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ]
      },
      "id": "VAR-202303-1661",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5833333
      },
      "last_update_date": "2023-12-18T12:41:15.833000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "WellinTech KingHistorian Remediation measures for authorization problem vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=244884"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate authentication (CWE-287) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.0,
            "url": "https://talosintelligence.com/vulnerability_reports/talos-2022-1683"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu98974634/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-45124"
          },
          {
            "trust": 0.8,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-07"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-45124/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2023.4068"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-11-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "date": "2023-03-20T21:15:10.647000",
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "date": "2023-03-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-11-08T04:48:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          },
          {
            "date": "2023-07-07T19:00:09.987000",
            "db": "NVD",
            "id": "CVE-2022-45124"
          },
          {
            "date": "2023-07-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Authentication vulnerability in WellinTech KingHistorian",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-021056"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202303-1520"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201207-0379

    Vulnerability from variot - Updated: 2023-12-18 12:31

    Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. Failed exploit attempts will result in a denial-of-service condition. WellinTech KingView 6.53 is vulnerable. The Secunia advisory reproduced below (SA49765) describes a different product and issue, an invalid pointer write in KingHistorian 3.0 on port 5678, rather than the KingView overflow on TCP port 555, so the two should be tracked and patched as distinct findings.



    TITLE: KingHistorian Memory Corruption Vulnerability

    SECUNIA ADVISORY ID: SA49765

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49765

    RELEASE DATE: 2012-07-09

    DISCUSS ADVISORY: http://secunia.com/advisories/49765/#comments


    DESCRIPTION: A vulnerability has been reported in KingHistorian, which can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an invalid pointer write error, which can be exploited to corrupt memory via a specially crafted packet sent to port 5678.

    Successful exploitation may allow execution of arbitrary code.

    The vulnerability is reported in version 3.0.

    SOLUTION: Install patch.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Dillon Beresford.

    ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf




    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0379",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.3,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.17249"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.17249"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.5.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.53",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.17249:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollman and Dillon Beresford",
        "sources": [
          {
            "db": "BID",
            "id": "54280"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2012-1830",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-1830",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "b1595316-2353-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-1830",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201207-044",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "b1595316-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. Failed exploit attempts  will  result in a denial-of-service condition. \nWellinTech KingView 6.53 is vulnerable. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nKingHistorian Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49765\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49765/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nRELEASE DATE:\n2012-07-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49765/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49765/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA 
vulnerability has been reported in KingHistorian, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nThe vulnerability is caused due to an invalid pointer write error,\nwhich can be exploited to corrupt memory via a specially crafted\npacket sent to port 5678. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is reported in version 3.0. \n\nSOLUTION:\nInstall patch. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Dillon Beresford. \n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-1830",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-185-01",
            "trust": 3.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "54280",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "B1595316-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "SECUNIA",
            "id": "49765",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "114551",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "id": "VAR-201207-0379",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          }
        ],
        "trust": 1.3748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:31:09.882000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Jun.27,2012 -Patch for KingView6.53",
            "trust": 0.8,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingView Stack Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/18574"
          },
          {
            "title": "KV20120322-EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43659"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-185-01.pdf"
          },
          {
            "trust": 1.6,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1830"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1830"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/psi_30_beta_launch"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-07-09T00:00:00",
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "date": "2012-07-03T00:00:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "date": "2012-07-09T03:48:55",
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "date": "2012-07-05T03:23:18.230000",
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          },
          {
            "date": "2015-03-19T09:08:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003008"
          },
          {
            "date": "2012-07-17T04:00:00",
            "db": "NVD",
            "id": "CVE-2012-1830"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView Stack Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3529"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "b1595316-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-044"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201207-0380

    Vulnerability from variot - Updated: 2023-12-18 12:31

    Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. Failed exploit attempts will result in a denial-of-service condition. WellinTech KingView 6.53 is vulnerable.

    The text reproduced below is Secunia advisory SA49765, appended to this entry. It describes a KingHistorian invalid pointer write reached through port 5678, which is a different product and port from the KingView TCP port 555 overflow summarized above, so it should not be read as the technical detail for this entry.



    TITLE: KingHistorian Memory Corruption Vulnerability

    SECUNIA ADVISORY ID: SA49765

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49765

    RELEASE DATE: 2012-07-09

    DISCUSS ADVISORY: http://secunia.com/advisories/49765/#comments


    DESCRIPTION: A vulnerability has been reported in KingHistorian, which can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an invalid pointer write error, which can be exploited to corrupt memory via a specially crafted packet sent to port 5678.

    Successful exploitation may allow execution of arbitrary code.

    The vulnerability is reported in version 3.0.

    SOLUTION: Install patch.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Dillon Beresford.

    ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.





    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0380",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.3,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.17249"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.17249"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.53",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.5.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.17249:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollman and Dillon Beresford",
        "sources": [
          {
            "db": "BID",
            "id": "54280"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2012-1831",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-1831",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "b1534016-2353-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-1831",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201207-045",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "b1534016-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. Failed exploit attempts  will  result in a denial-of-service condition. \nWellinTech KingView 6.53 is vulnerable. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nKingHistorian Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49765\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49765/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nRELEASE DATE:\n2012-07-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49765/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49765/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA 
vulnerability has been reported in KingHistorian, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nThe vulnerability is caused due to an invalid pointer write error,\nwhich can be exploited to corrupt memory via a specially crafted\npacket sent to port 5678. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is reported in version 3.0. \n\nSOLUTION:\nInstall patch. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Dillon Beresford. \n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-1831",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-185-01",
            "trust": 3.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "54280",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "B1534016-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "SECUNIA",
            "id": "49765",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "114551",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ]
      },
      "id": "VAR-201207-0380",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          }
        ],
        "trust": 1.3748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:31:09.845000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Jun.27,2012 -Patch for KingView6.53",
            "trust": 0.8,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "Patch for WellinTech KingView heap buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/18573"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-185-01.pdf"
          },
          {
            "trust": 1.6,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1831"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1831"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/psi_30_beta_launch"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-07-09T00:00:00",
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "date": "2012-07-03T00:00:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "date": "2012-07-09T03:48:55",
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "date": "2012-07-05T03:23:18.277000",
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          },
          {
            "date": "2015-03-19T09:08:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003009"
          },
          {
            "date": "2012-07-17T04:00:00",
            "db": "NVD",
            "id": "CVE-2012-1831"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView Heap Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3531"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "b1534016-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-045"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201207-0059

    Vulnerability from variot - Updated: 2023-12-18 12:31

    Directory traversal vulnerability in WellinTech KingView 6.53 allows remote attackers to read arbitrary files via a crafted HTTP request to port 8001. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. An attacker can exploit these issues to access arbitrary files within the context of the affected application and execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. WellinTech KingView 6.53 is vulnerable.

    The text that follows is an appended Secunia advisory (SA49765); as quoted, it describes a KingHistorian memory-corruption issue on port 5678, not the KingView directory traversal on port 8001 described above.

    ----------------------------------------------------------------------



    TITLE: KingHistorian Memory Corruption Vulnerability

    SECUNIA ADVISORY ID: SA49765

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49765

    RELEASE DATE: 2012-07-09

    DISCUSS ADVISORY: http://secunia.com/advisories/49765/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/49765/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=49765

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A vulnerability has been reported in KingHistorian, which can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an invalid pointer write error, which can be exploited to corrupt memory via a specially crafted packet sent to port 5678.

    Successful exploitation may allow execution of arbitrary code.

    The vulnerability is reported in version 3.0.

    SOLUTION: Install patch.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Dillon Beresford.

    ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.





    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0059",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.3,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.17249"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.17249"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.17249:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.53",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.5.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollman and Dillon Beresford",
        "sources": [
          {
            "db": "BID",
            "id": "54280"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2012-2560",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2012-2560",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-2560",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201207-048",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Directory traversal vulnerability in WellinTech KingView 6.53 allows remote attackers to read arbitrary files via a crafted HTTP request to port 8001. KingView is a product for building data information service platforms for industrial automation. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. \nAn attacker can exploit these issues to access arbitrary files within   the context of the affected application and execute arbitrary code  within  the context of the affected application. Failed exploit attempts  will  result in a denial-of-service condition. \nWellinTech KingView 6.53 is vulnerable. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nKingHistorian Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49765\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49765/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nRELEASE DATE:\n2012-07-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49765/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49765/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nONLY AVAILABLE WITH SECUNIA CSI AND 
SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in KingHistorian, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nThe vulnerability is caused due to an invalid pointer write error,\nwhich can be exploited to corrupt memory via a specially crafted\npacket sent to port 5678. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is reported in version 3.0. \n\nSOLUTION:\nInstall patch. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Dillon Beresford. \n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. 
\nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-2560",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-185-01",
            "trust": 3.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "54280",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "B18E8A7C-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "SECUNIA",
            "id": "49765",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "114551",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "id": "VAR-201207-0059",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          }
        ],
        "trust": 1.3748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:31:09.805000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Jun.27,2012 -Patch for KingView6.53",
            "trust": 0.8,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingView Path Traversal Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/18571"
          },
          {
            "title": "KV20120322-EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=43659"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-185-01.pdf"
          },
          {
            "trust": 1.6,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2560"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2560"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/psi_30_beta_launch"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-07-09T00:00:00",
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "date": "2012-07-03T00:00:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "date": "2012-07-09T03:48:55",
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "date": "2012-07-05T03:23:18.603000",
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "date": "2015-03-19T09:08:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003012"
          },
          {
            "date": "2012-07-17T04:00:00",
            "db": "NVD",
            "id": "CVE-2012-2560"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView Path traversal vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3533"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ],
        "trust": 1.4
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Path traversal",
        "sources": [
          {
            "db": "IVD",
            "id": "b18e8a7c-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-048"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201207-0058

    Vulnerability from variot - Updated: 2023-12-18 12:31

    WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678. WellinTech KingHistorian is a data storage platform. WellinTech KingHistorian is prone to a memory corruption vulnerability. Failed exploit attempts will result in a denial-of-service condition. WellinTech KingHistorian 3.0 is vulnerable.



    TITLE: KingHistorian Memory Corruption Vulnerability

    SECUNIA ADVISORY ID: SA49765

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49765

    RELEASE DATE: 2012-07-09

    DISCUSS ADVISORY: http://secunia.com/advisories/49765/#comments


    DESCRIPTION: A vulnerability has been reported in KingHistorian, which can be exploited by malicious people to compromise a vulnerable system.

    Successful exploitation may allow execution of arbitrary code.

    The vulnerability is reported in version 3.0.

    SOLUTION: Install patch.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Dillon Beresford.

    ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.





    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0058",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kinghistorian",
            "scope": "eq",
            "trust": 3.3,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kinghistorian",
            "version": "3.0"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "db": "BID",
            "id": "54282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kinghistorian:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollman and Dillon Beresford",
        "sources": [
          {
            "db": "BID",
            "id": "54282"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2012-2559",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-2559",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "b194c284-2353-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-2559",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201207-047",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "b194c284-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678. WellinTech KingHistorian is a data storage platform. WellinTech KingHistorian is prone to a memory corruption vulnerability. Failed exploit attempts  will  result in a denial-of-service condition. \nWellinTech KingHistorian 3.0 is vulnerable. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nKingHistorian Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49765\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49765/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nRELEASE DATE:\n2012-07-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49765/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49765/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in KingHistorian, which 
can be\nexploited by malicious people to compromise a vulnerable system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is reported in version 3.0. \n\nSOLUTION:\nInstall patch. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Dillon Beresford. \n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "db": "BID",
            "id": "54282"
          },
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-2559",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-185-01",
            "trust": 3.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "54282",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "B194C284-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "SECUNIA",
            "id": "49765",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "114551",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "db": "BID",
            "id": "54282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ]
      },
      "id": "VAR-201207-0058",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          }
        ],
        "trust": 1.3833333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:31:09.768000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingHistorian Memory Corruption Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/18575"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-185-01.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2559"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2559"
          },
          {
            "trust": 0.3,
            "url": "http://www.wellintech.com/"
          },
          {
            "trust": 0.3,
            "url": "http://en2.wellintech.com/products/detail.aspx?contentid=25"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/psi_30_beta_launch"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "db": "BID",
            "id": "54282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "db": "BID",
            "id": "54282"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-07-09T00:00:00",
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "date": "2012-07-03T00:00:00",
            "db": "BID",
            "id": "54282"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "date": "2012-07-09T03:48:55",
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "date": "2012-07-05T03:23:18.573000",
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "date": "2012-07-03T00:00:00",
            "db": "BID",
            "id": "54282"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003011"
          },
          {
            "date": "2012-07-17T04:00:00",
            "db": "NVD",
            "id": "CVE-2012-2559"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingHistorian Memory corruption vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3527"
          },
          {
            "db": "BID",
            "id": "54282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ],
        "trust": 1.7
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Resource management error",
        "sources": [
          {
            "db": "IVD",
            "id": "b194c284-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-047"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201207-0381

    Vulnerability from variot - Updated: 2023-12-18 12:31

    WellinTech KingView 6.53 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted packet to (1) TCP or (2) UDP port 2001. KingView is a product for building data information service platforms for industrial automation. A security vulnerability exists in WellinTech KingView: an attacker can send a specially crafted message to TCP port 2001 or UDP port 2001, which triggers a read of memory outside the valid range and causes the application to crash. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. An attacker can exploit these issues to access arbitrary files and execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. WellinTech KingView 6.53 is vulnerable. Note that the Secunia advisory reproduced below (SA49765) is titled for KingHistorian and refers to port 5678, so it appears to describe a different WellinTech product issue than the KingView one summarised here; confirm affected products and ports against the vendor or ICS-CERT advisory before acting on it. ----------------------------------------------------------------------



    TITLE: KingHistorian Memory Corruption Vulnerability

    SECUNIA ADVISORY ID: SA49765

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49765

    RELEASE DATE: 2012-07-09

    DISCUSS ADVISORY: http://secunia.com/advisories/49765/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/49765/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=49765

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: A vulnerability has been reported in KingHistorian, which can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an invalid pointer write error, which can be exploited to corrupt memory via a specially crafted packet sent to port 5678.

    Successful exploitation may allow execution of arbitrary code.

    The vulnerability is reported in version 3.0.

    SOLUTION: Install patch.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Dillon Beresford.

    ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.


    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.





    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0381",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.3,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "65.30.17249"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "65.30.17249"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.53",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.5.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.17249:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollman and Dillon Beresford",
        "sources": [
          {
            "db": "BID",
            "id": "54280"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2012-1832",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-1832",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "b14cc34e-2353-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-1832",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201207-046",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "b14cc34e-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView 6.53 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted packet to (1) TCP or (2) UDP port 2001. KingView is a product for building data information service platforms for industrial automation. A security vulnerability exists in WellinTech KingView that allows an attacker to send a specially crafted message to the TCP 2001 or UPD 2001 port, which can trigger the reading of illegal memory domain data, causing the application to crash. WellinTech KingView is prone to multiple memory corruption vulnerabilities and a directory-traversal vulnerability. \nAn attacker can exploit these issues to access arbitrary files within   the context of the affected application and execute arbitrary code  within  the context of the affected application. Failed exploit attempts  will  result in a denial-of-service condition. \nWellinTech KingView 6.53 is vulnerable. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. 
\nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nKingHistorian Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49765\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49765/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nRELEASE DATE:\n2012-07-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49765/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49765/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in KingHistorian, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nThe vulnerability is caused due to an invalid pointer write error,\nwhich can be exploited to corrupt memory via a specially crafted\npacket sent to port 5678. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is reported in version 3.0. \n\nSOLUTION:\nInstall patch. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Dillon Beresford. 
\n\nORIGINAL ADVISORY:\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-1832",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-185-01",
            "trust": 3.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "54280",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "B14CC34E-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "SECUNIA",
            "id": "49765",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "114551",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ]
      },
      "id": "VAR-201207-0381",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          }
        ],
        "trust": 1.3748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:31:09.732000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Jun.27,2012 -Patch for KingView6.53",
            "trust": 0.8,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingView illegal read vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/18572"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-185-01.pdf"
          },
          {
            "trust": 1.6,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1832"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1832"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/psi_30_beta_launch"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/49765/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49765"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "db": "BID",
            "id": "54280"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-07-09T00:00:00",
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "date": "2012-07-03T00:00:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "date": "2012-07-09T03:48:55",
            "db": "PACKETSTORM",
            "id": "114551"
          },
          {
            "date": "2012-07-05T03:23:18.323000",
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3532"
          },
          {
            "date": "2015-03-19T09:08:00",
            "db": "BID",
            "id": "54280"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          },
          {
            "date": "2012-07-17T04:00:00",
            "db": "NVD",
            "id": "CVE-2012-1832"
          },
          {
            "date": "2012-07-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView Vulnerable to arbitrary code execution",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-003010"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "b14cc34e-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-046"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201310-0404

    Vulnerability from variot - Updated: 2023-12-18 12:30

    The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the two pathname arguments, as demonstrated by a directory traversal attack. KingView is the first SCADA product launched by Asia Control for small and medium-sized projects, used to monitor and control automation equipment and processes. The WellinTech KingView ActiveX control has multiple arbitrary file overwrite vulnerabilities. Because the program fails to properly filter user input, an attacker can exploit the vulnerability to save arbitrary files on the computer in the context of the affected application. WellinTech KingView is prone to multiple insecure-method vulnerabilities because it fails to properly sanitize user-supplied input. KingView 6.53 is vulnerable; other versions may also be affected.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0404",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "6.53   (supergrid.ocx 65.30.30000.10002  )"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.6,
            "vendor": "kingview",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.6,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.6,
            "vendor": "kingview",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.53",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Blake",
        "sources": [
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2013-6127",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2013-6127",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2013-13162",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "89f639b6-2352-11e6-abef-000c29c66e3d",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "89fad822-2352-11e6-abef-000c29c66e3d",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-6127",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2013-13162",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201309-273",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "89f639b6-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "89fad822-2352-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the two pathname arguments, as demonstrated by a directory traversal attack. Kingview is the first SCADA product launched by Asia Control for small and medium-sized projects for monitoring and controlling automation equipment and processes. WellinTech KingView ActiveX has multiple arbitrary file coverage vulnerabilities. Because the program fails to properly filter user input, an attacker can exploit the vulnerability to save arbitrary files on the affected application context computer. WellinTech KingView is prone to multiple insecure-method vulnerabilities because it fails to properly sanitize user-supplied input. \nKingView 6.53 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 2.97
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-6127",
            "trust": 3.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-295-01",
            "trust": 2.4
          },
          {
            "db": "EXPLOIT-DB",
            "id": "28084",
            "trust": 1.6
          },
          {
            "db": "BID",
            "id": "62419",
            "trust": 1.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162",
            "trust": 1.2
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901",
            "trust": 0.8
          },
          {
            "db": "ICS CERT ALERT",
            "id": "ICS-ALERT-13-256-01",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "89F639B6-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "89FAD822-2352-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "CE5C0E88-1F0A-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ]
      },
      "id": "VAR-201310-0404",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          }
        ],
        "trust": 1.7748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:30:51.015000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/"
          },
          {
            "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingView ActiveX has multiple patches for arbitrary file coverage vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/67162"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-295-01"
          },
          {
            "trust": 1.6,
            "url": "http://www.exploit-db.com/exploits/28084/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6127"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6127"
          },
          {
            "trust": 0.6,
            "url": "http://ics-cert.us-cert.gov/alerts/ics-alert-13-256-01"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/62419"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-09-22T00:00:00",
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2013-09-22T00:00:00",
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2013-09-22T00:00:00",
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2013-09-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "date": "2013-09-04T00:00:00",
            "db": "BID",
            "id": "62419"
          },
          {
            "date": "2013-10-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "date": "2013-10-25T20:55:03.500000",
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "date": "2013-09-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "date": "2013-10-23T00:37:00",
            "db": "BID",
            "id": "62419"
          },
          {
            "date": "2013-10-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004901"
          },
          {
            "date": "2013-10-28T13:32:46.627000",
            "db": "NVD",
            "id": "CVE-2013-6127"
          },
          {
            "date": "2013-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView ActiveX Multiple arbitrary file coverage vulnerabilities",
        "sources": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Path traversal",
        "sources": [
          {
            "db": "IVD",
            "id": "89f639b6-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "89fad822-2352-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "ce5c0e88-1f0a-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201309-273"
          }
        ],
        "trust": 1.2
      }
    }

    VAR-201310-0626

    Vulnerability from variot - Updated: 2023-12-18 12:30

    The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the single pathname argument, as demonstrated by a directory traversal attack. KingView is the first SCADA product launched by Asia Control for small and medium-sized projects for monitoring and controlling automation equipment and processes. WellinTech KingView ActiveX has multiple arbitrary file overwrite vulnerabilities. Because the program fails to properly filter user input, an attacker can exploit the vulnerability to save arbitrary files on the affected computer in the context of the application. WellinTech KingView is prone to multiple insecure-method vulnerabilities because it fails to properly sanitize user-supplied input. KingView 6.53 is vulnerable; other versions may also be affected. (This description is aggregated from several source databases, which do not agree on whether 6.53 itself is affected; the KChartXY.ocx file version, compared against 65.30.30000.10002, is the more precise indicator.)


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0626",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "6.53   (kchartxy.ocx 65.30.30000.10002  )"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "6.52"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.52",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Blake",
        "sources": [
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2013-6128",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": true,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2013-6128",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2013-13162",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-6128",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2013-13162",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201310-514",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the single pathname argument, as demonstrated by a directory traversal attack. KingView is the first SCADA product launched by Asia Control for small and medium-sized projects for monitoring and controlling automation equipment and processes. WellinTech KingView ActiveX has multiple arbitrary file overwrite vulnerabilities. Because the program fails to properly filter user input, an attacker can exploit the vulnerability to save arbitrary files on the affected computer in the context of the application. WellinTech KingView is prone to multiple insecure-method vulnerabilities because it fails to properly sanitize user-supplied input. \nKingView 6.53 is vulnerable; other versions may also be affected.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-6128",
            "trust": 3.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-295-01",
            "trust": 2.4
          },
          {
            "db": "EXPLOIT-DB",
            "id": "28085",
            "trust": 1.6
          },
          {
            "db": "BID",
            "id": "62419",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902",
            "trust": 0.8
          },
          {
            "db": "ICS CERT ALERT",
            "id": "ICS-ALERT-13-256-01",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ]
      },
      "id": "VAR-201310-0626",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          }
        ],
        "trust": 1.1748105999999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:30:50.507000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/"
          },
          {
            "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingView ActiveX has multiple patches for arbitrary file coverage vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/67162"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-295-01"
          },
          {
            "trust": 1.6,
            "url": "http://www.exploit-db.com/exploits/28085/"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6128"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6128"
          },
          {
            "trust": 0.6,
            "url": "http://ics-cert.us-cert.gov/alerts/ics-alert-13-256-01"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/62419"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "db": "BID",
            "id": "62419"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-09-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "date": "2013-09-04T00:00:00",
            "db": "BID",
            "id": "62419"
          },
          {
            "date": "2013-10-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "date": "2013-10-25T20:55:03.517000",
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "date": "2013-09-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-13162"
          },
          {
            "date": "2013-10-23T00:37:00",
            "db": "BID",
            "id": "62419"
          },
          {
            "date": "2013-10-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          },
          {
            "date": "2013-10-28T13:39:05.637000",
            "db": "NVD",
            "id": "CVE-2013-6128"
          },
          {
            "date": "2013-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "KChartXY.ocx in WellinTech KingView vulnerable to arbitrary file creation",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004902"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-514"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201210-0353

    Vulnerability from variot - Updated: 2023-12-18 12:21

    WellinTech KingView 6.5.3 and earlier uses a weak password-hashing algorithm, which makes it easier for local users to discover credentials by reading an unspecified file. KingView is a product for building a data information service platform for industrial automation. WellinTech KingView has an undocumented default user whose credentials an attacker could use to log in to the application and gain unauthorized access. WellinTech KingView is prone to an unauthorized-access vulnerability due to a backdoor in all versions of the application. Attackers can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0353",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "wellintech",
            "version": "65.30.17249"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "wellintech",
            "version": "65.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "6.5.3"
          },
          {
            "model": "kingview",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "\u003c=6.5.3"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingview",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingview",
            "version": "6.5.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingview",
            "version": "*"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingview",
            "version": "65.30.2010.18018"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.4,
            "vendor": "kingview",
            "version": "65.30.17249"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "db": "BID",
            "id": "54729"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.53",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.5.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.17249:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:65.30.2010.18018:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Dr. Wesley McGrew of Mississippi State University",
        "sources": [
          {
            "db": "BID",
            "id": "54729"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-4899",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2012-4899",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "4fbf6582-2353-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "79960df6-1f5d-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.2,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-4899",
                "trust": 1.8,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201207-595",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "IVD",
                "id": "4fbf6582-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "LOW"
              },
              {
                "author": "IVD",
                "id": "79960df6-1f5d-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView 6.5.3 and earlier uses a weak password-hashing algorithm, which makes it easier for local users to discover credentials by reading an unspecified file. KingView is a product for building a data information service platform for industrial automation. Wellintech KingView has a default authentication credential that an attacker could use to log in to the application for unauthorized access using this undocumented default user. WellinTech KingView is prone to an unauthorized-access vulnerability due to a backdoor in all versions of the application. \nAttackers can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "db": "BID",
            "id": "54729"
          },
          {
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 3.33
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-4899",
            "trust": 3.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-283-02",
            "trust": 2.4
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "54729",
            "trust": 0.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920",
            "trust": 0.8
          },
          {
            "db": "ICS CERT ALERT",
            "id": "ICS-ALERT-12-212-02",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "47148",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "4FBF6582-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "79960DF6-1F5D-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "db": "BID",
            "id": "54729"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "id": "VAR-201210-0353",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          }
        ],
        "trust": 2.1748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.6
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:21:52.613000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "June.27,2012-Patch for KingView6.53",
            "trust": 0.8,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "Patch for WellinTech KingView Backdoor Unauthorized Access Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/67164"
          },
          {
            "title": "WellinTech KingView weak password algorithm vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/23654"
          },
          {
            "title": "KV20120322-EN",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45073"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-283-02.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://www.wellintech.com/index.php/news/33-patch-for-kingview653"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4899"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4899"
          },
          {
            "trust": 0.6,
            "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-12-212-02.pdf"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/47148"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "db": "BID",
            "id": "54729"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "db": "BID",
            "id": "54729"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-10-12T00:00:00",
            "db": "IVD",
            "id": "4fbf6582-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-08-01T00:00:00",
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-08-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "date": "2012-10-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "date": "2012-07-30T00:00:00",
            "db": "BID",
            "id": "54729"
          },
          {
            "date": "2012-10-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "date": "2012-10-10T18:55:05.550000",
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "date": "2012-07-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-03-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-5742"
          },
          {
            "date": "2015-03-19T08:52:00",
            "db": "BID",
            "id": "54729"
          },
          {
            "date": "2012-10-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-004920"
          },
          {
            "date": "2013-01-30T05:00:00",
            "db": "NVD",
            "id": "CVE-2012-4899"
          },
          {
            "date": "2020-07-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView Backdoor unauthorized access vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "79960df6-1f5d-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-4033"
          },
          {
            "db": "BID",
            "id": "54729"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ],
        "trust": 1.7
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201207-595"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201302-0034

    Vulnerability from variot - Updated: 2023-12-18 12:21

    Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech KingView 6.52, kingMess.exe 65.20.2003.10400 in KingView 6.53, and kingMess.exe 65.50.2011.18049 in KingView 6.55 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted packet. KingView is a product for building data information service platforms for industrial automation. KingView does not correctly handle exception information, which can lead to a memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. KingView 6.52, 6.53, and 6.55 are vulnerable.



    TITLE: KingView KingMess Buffer Overflow Vulnerability

    SECUNIA ADVISORY ID: SA52190

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52190/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52190

    RELEASE DATE: 2013-02-13

    DISCUSS ADVISORY: http://secunia.com/advisories/52190/#comments


    DESCRIPTION: A vulnerability has been reported in KingView, which can be exploited by malicious people to compromise a user's system.

    The vulnerability is caused due to an unspecified error within KingMess and can be exploited to cause a buffer overflow.

    Successful exploitation may allow execution of arbitrary code but requires opening a log file.

    The vulnerability is reported in versions 6.52, 6.53, and 6.55. Other versions may also be affected.

    SOLUTION: Apply patches.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: CNVD credits Lucas Apa and Carlos Mario Penagos Hollman, IOActive.

    ORIGINAL ADVISORY: http://www.cnvd.org.cn/sites/main/preview/ldgg_preview.htm?tid=61735

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/





    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201302-0034",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.5,
            "vendor": "wellintech",
            "version": "6.53"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "wellintech",
            "version": "6.55"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.2,
            "vendor": "wellintech",
            "version": "6.52"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "6.52 (kingmess.exe 65.20.2003.10300)"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "6.53 (kingmess.exe 65.20.2003.10400)"
          },
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "wellintech",
            "version": "6.55 (kingmess.exe 65.50.2011.18049)"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.52"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.53"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "kingview",
            "version": "6.55"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "db": "BID",
            "id": "57909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.52:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.53:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:6.55:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Researchers Lucas Apa and Carlos Mario Penagos Hollman of IOActive",
        "sources": [
          {
            "db": "BID",
            "id": "57909"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2012-4711",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-4711",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "1705f1b6-2353-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-4711",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201302-265",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "1705f1b6-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech KingView 6.52, kingMess.exe 65.20.2003.10400 in KingView 6.53, and kingMess.exe 65.50.2011.18049 in KingView 6.55 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted packet. KingView is a product for building data information service platforms for industrial automation. KingView does not correctly handle exception information, which can lead to a memory corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code  within the  context of the affected application. Failed exploit attempts  will  result in a denial-of-service condition. \nKingView 6.52, 6.53, and 6.55 are vulnerable. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nKingView KingMess Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA52190\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52190/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52190\n\nRELEASE DATE:\n2013-02-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52190/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52190/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52190\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * 
AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in KingView, which can be exploited\nby malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an unspecified error within\nKingMess and can be exploited to cause a buffer overflow. \n\nSuccessful exploitation may allow execution of arbitrary code but\nrequires opening a log file. \n\nThe vulnerability is reported in versions 6.52, 6.53, and 6.55. Other\nversions may also be affected. \n\nSOLUTION:\nApply patches. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nCNVD credits Lucas Apa and Carlos Mario Penagos Hollman, IOActive. \n\nORIGINAL ADVISORY:\nhttp://www.cnvd.org.cn/sites/main/preview/ldgg_preview.htm?tid=61735\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "db": "BID",
            "id": "57909"
          },
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "PACKETSTORM",
            "id": "120294"
          }
        ],
        "trust": 2.7
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-4711",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-043-02",
            "trust": 3.3
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-13-043-02A",
            "trust": 1.3
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "52190",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "57909",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "1705F1B6-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "120294",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "db": "BID",
            "id": "57909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "db": "PACKETSTORM",
            "id": "120294"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ]
      },
      "id": "VAR-201302-0034",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          }
        ],
        "trust": 1.3748106
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:21:49.164000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp/"
          },
          {
            "title": "WellinTech KingView Memory Corruption Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/31937"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-043-02.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://ics-cert.us-cert.gov/advisories/icsa-13-043-02a"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4711"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4711"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52190"
          },
          {
            "trust": 0.3,
            "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-043-02a-b.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.wellintech.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/download/display1.aspx?id=225"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52190"
          },
          {
            "trust": 0.1,
            "url": "http://www.cnvd.org.cn/sites/main/preview/ldgg_preview.htm?tid=61735"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52190/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52190/#comments"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "db": "BID",
            "id": "57909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "db": "PACKETSTORM",
            "id": "120294"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "db": "BID",
            "id": "57909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "db": "PACKETSTORM",
            "id": "120294"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-02-20T00:00:00",
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2013-02-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "date": "2013-02-12T00:00:00",
            "db": "BID",
            "id": "57909"
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "date": "2013-02-13T04:48:23",
            "db": "PACKETSTORM",
            "id": "120294"
          },
          {
            "date": "2013-02-15T12:09:27.820000",
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "date": "2013-02-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          },
          {
            "date": "2013-04-02T15:37:00",
            "db": "BID",
            "id": "57909"
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001582"
          },
          {
            "date": "2013-05-21T03:20:37.297000",
            "db": "NVD",
            "id": "CVE-2012-4711"
          },
          {
            "date": "2013-03-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView Memory corruption vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2013-01107"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "1705f1b6-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-265"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201205-0115

    Vulnerability from variot - Updated: 2023-12-18 12:10

    WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file. KingSCADA is a SCADA product for the high-end and mid-end markets. KingSCADA stores the password in the user64 file in Base64 format; because Base64 is a reversible encoding rather than encryption or hashing, anyone who can read the file can easily decode the password and access the SCADA server. KingSCADA is prone to a remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain the password of the affected device. KingSCADA 3.0 is vulnerable; other versions may also be affected.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201205-0115",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 2.4,
            "vendor": "wellintech",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.6,
            "vendor": "kingview",
            "version": "3.0"
          },
          {
            "model": "das usa kingscada",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "icp",
            "version": "3.0"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.6,
            "vendor": "no",
            "version": null
          },
          {
            "model": "kingscada",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wellintech",
            "version": "3.0"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "BID",
            "id": "51582"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:wellintech:kingview:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Alexandr Polyakov and Alexey Sintsov",
        "sources": [
          {
            "db": "BID",
            "id": "51582"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-376"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-1977",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.1,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-1977",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2012-8819",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "7d7a93e1-463f-11e9-a373-000c29342cb1",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "08e4171e-1f77-11e6-abef-000c29c66e3d",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-1977",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2012-8819",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201205-178",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "7d7a93e1-463f-11e9-a373-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "08e4171e-1f77-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file. KingSCADA is a SCADA product for the high and mid-end markets. KingSCADA stores the password in the user64 file in Base64 format, and the user can easily decode and access the SCADA server. KingSCADA is prone to a remote information-disclosure vulnerability. \nRemote attackers can exploit this issue to obtain the password of the affected device. \nKingSCADA 3.0 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "BID",
            "id": "51582"
          },
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 3.51
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-1977",
            "trust": 3.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-129-01",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "51582",
            "trust": 1.5
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178",
            "trust": 1.2
          },
          {
            "db": "ICS CERT ALERT",
            "id": "ICS-ALERT-12-020-06",
            "trust": 1.1
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-376",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "7D7A93E1-463F-11E9-A373-000C29342CB1",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "DBCBB6DE-2353-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          },
          {
            "db": "IVD",
            "id": "08E4171E-1F77-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "BID",
            "id": "51582"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-376"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ]
      },
      "id": "VAR-201205-0115",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          }
        ],
        "trust": 2.5249368666666667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          }
        ]
      },
      "last_update_date": "2023-12-18T12:10:05.974000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://en.wellintech.com/index.aspx"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.wellintech.co.jp"
          },
          {
            "title": "WellinTech KingSCADA Trust Management Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/36034"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-255",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-129-01.pdf"
          },
          {
            "trust": 2.2,
            "url": "http://dsecrg.com/pages/vul/show.php?id=405"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-06.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1977"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1977"
          },
          {
            "trust": 0.6,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/51582"
          },
          {
            "trust": 0.3,
            "url": "http://en.wellintech.com/products/detail.aspx?contentid=14"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "BID",
            "id": "51582"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-376"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "BID",
            "id": "51582"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-376"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-05-10T00:00:00",
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "date": "2012-05-10T00:00:00",
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-02-01T00:00:00",
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "date": "2012-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "date": "2012-01-20T00:00:00",
            "db": "BID",
            "id": "51582"
          },
          {
            "date": "2012-05-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "date": "2012-05-09T10:33:15.020000",
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201201-376"
          },
          {
            "date": "2012-05-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-0343"
          },
          {
            "date": "2012-05-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "date": "2012-05-08T22:10:00",
            "db": "BID",
            "id": "51582"
          },
          {
            "date": "2012-09-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-002373"
          },
          {
            "date": "2012-08-29T04:00:00",
            "db": "NVD",
            "id": "CVE-2012-1977"
          },
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201201-376"
          },
          {
            "date": "2012-05-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-376"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ],
        "trust": 1.2
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingSCADA Trust Management Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-8819"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ],
        "trust": 1.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Trust management",
        "sources": [
          {
            "db": "IVD",
            "id": "7d7a93e1-463f-11e9-a373-000c29342cb1"
          },
          {
            "db": "IVD",
            "id": "dbcbb6de-2353-11e6-abef-000c29c66e3d"
          },
          {
            "db": "IVD",
            "id": "08e4171e-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-178"
          }
        ],
        "trust": 1.2
      }
    }

    VAR-201211-0446

    Vulnerability from variot - Updated: 2022-05-17 02:09

    KingView KingMes is a manufacturing execution management system. There is a memory corruption vulnerability in the KingView KingMes component: when Kingmess reads exception information, it lacks security protection, which causes a memory overflow. This allows a remote attacker to execute arbitrary code in the context of the user running the application. Triggering this vulnerability requires opening a specially crafted log file in the application.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201211-0446",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview universal edition (kingmess.exe",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "6.5365.20.2003.10400)"
          },
          {
            "model": "kingview universal edition (kingmess.exe",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "6.5565.50.2011.18049)"
          },
          {
            "model": "kingview universal edition (kingmess.exe",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "wellintech",
            "version": "6.5265.20.2003.10300)"
          },
          {
            "model": "kingview universal edition kingmess.exe",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wellintech",
            "version": "6.53(65.20.2003.10400)*"
          },
          {
            "model": "kingview universal edition kingmess.exe",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wellintech",
            "version": "6.55(65.50.2011.18049)*"
          },
          {
            "model": "kingview universal edition kingmess.exe",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "wellintech",
            "version": "6.52(65.20.2003.10300)"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ]
      },
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.8,
                "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d",
                "impactScore": 7.8,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:C",
                "version": "2.0 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "IVD",
                "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "KingView KingMes is a manufacturing execution management system. There is a memory corruption vulnerability in the KingView KingMes component. When Kingmess reads the exception information, it lacks security protection and will cause memory overflow. Allows a remote attacker to execute arbitrary code while running the user context. Triggering this vulnerability requires opening a specially crafted log file in the application",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          },
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 0.72
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "BBD756B4-1F4B-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ]
      },
      "id": "VAR-201211-0446",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ],
        "trust": 1.8
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ]
      },
      "last_update_date": "2022-05-17T02:09:08.100000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Asian control company KingMess has a patch for memory corruption vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/25211"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-11-20T00:00:00",
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-11-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-11-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Asian control company KingMess has a memory corruption vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-6617"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "bbd756b4-1f4b-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 0.2
      }
    }

    VAR-201206-0420

    Vulnerability from variot - Updated: 2022-05-17 02:04

    KingView is a product for building data information service platforms for industrial automation. KingView has a network-based buffer overflow vulnerability. An attacker could exploit this vulnerability to execute arbitrary code in the context of the application; failed attacks will cause denial-of-service conditions. KingView 6.53 is vulnerable; other versions may also be affected.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0420",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "wellintech",
            "version": "6.53"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          },
          {
            "db": "BID",
            "id": "54180"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Carlos Mario Penagos Hollmann",
        "sources": [
          {
            "db": "BID",
            "id": "54180"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ],
        "trust": 0.9
      },
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.8,
                "id": "59b362cc-1f62-11e6-abef-000c29c66e3d",
                "impactScore": 7.8,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:C",
                "version": "2.0 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "IVD",
                "id": "59b362cc-1f62-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "KingView is a product for building data information service platforms for industrial automation. Kingview has a buffer overflow vulnerability. An attacker could exploit a vulnerability to execute arbitrary code in the context of an application. Kingview is prone to a network-based buffer-overflow vulnerability. Failed attacks will cause denial-of-service conditions. \nKingview 6.53 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          },
          {
            "db": "BID",
            "id": "54180"
          },
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 0.99
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "54180",
            "trust": 1.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-760",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "59B362CC-1F62-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          },
          {
            "db": "BID",
            "id": "54180"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ]
      },
      "id": "VAR-201206-0420",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          }
        ],
        "trust": 1.3764423
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          }
        ]
      },
      "last_update_date": "2022-05-17T02:04:43.716000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Kingview Network Buffer Overflow Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/18351"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/54180"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          },
          {
            "db": "BID",
            "id": "54180"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          },
          {
            "db": "BID",
            "id": "54180"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-06-29T00:00:00",
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-06-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          },
          {
            "date": "2012-06-25T00:00:00",
            "db": "BID",
            "id": "54180"
          },
          {
            "date": "2012-06-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-11-24T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          },
          {
            "date": "2012-06-25T00:00:00",
            "db": "BID",
            "id": "54180"
          },
          {
            "date": "2012-10-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kingview Network Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-3380"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "59b362cc-1f62-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-760"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201205-0515

    Vulnerability from variot - Updated: 2022-05-17 01:56

    WellinTech KingView is prone to a denial-of-service vulnerability and a directory-traversal vulnerability. Exploiting these issues may allow remote attackers to crash the affected application or to access arbitrary files in the context of that application. KingView 65.30.17249 is vulnerable; other versions may also be affected.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201205-0515",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "kingview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "wellintech",
            "version": "65.30.17249"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "53370"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "anonymous via ICS-CERT",
        "sources": [
          {
            "db": "BID",
            "id": "53370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ],
        "trust": 0.9
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView is prone to a denial-of-service vulnerability and a directory-traversal vulnerability.\nExploiting these issues may allow remote attackers to crash or access arbitrary files within the context of the affected application.\nKingView 65.30.17249 is vulnerable; other versions may also be affected.",
        "sources": [
          {
            "db": "BID",
            "id": "53370"
          }
        ],
        "trust": 0.3
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "53370",
            "trust": 0.9
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-082",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "53370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ]
      },
      "id": "VAR-201205-0515",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5764423
      },
      "last_update_date": "2022-05-17T01:56:34.967000Z",
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/53370"
          },
          {
            "trust": 0.3,
            "url": "http://www.kingview.com/"
          },
          {
            "trust": 0.3,
            "url": "http://en.wellintech.com/news/detail.aspx?contentid=168"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "53370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "53370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-05-03T00:00:00",
            "db": "BID",
            "id": "53370"
          },
          {
            "date": "2012-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-05-03T00:00:00",
            "db": "BID",
            "id": "53370"
          },
          {
            "date": "2012-05-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "WellinTech KingView Denial of Service Vulnerability and Directory Traversal Vulnerability",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201205-082"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Unknown",
        "sources": [
          {
            "db": "BID",
            "id": "53370"
          }
        ],
        "trust": 0.3
      }
    }

    CVE-2022-45124 (GCVE-0-2022-45124)

    Vulnerability from nvd – Published: 2023-03-20 20:16 – Updated: 2024-08-03 14:01
    VLAI
    Summary
    An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability.
    SSVC
    Exploitation: poc; Automatable: yes; Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    WellinTech KingHistorian Affected: 35.01.00.05
    wellintech kinghistorian Affected: 35.01.00.05
        cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:01:31.496Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1683"
              },
              {
                "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "kinghistorian",
                "vendor": "wellintech",
                "versions": [
                  {
                    "status": "affected",
                    "version": "35.01.00.05"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-45124",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T15:54:23.660785Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T15:55:30.541Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "KingHistorian",
              "vendor": "WellinTech",
              "versions": [
                {
                  "status": "affected",
                  "version": "35.01.00.05"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Information Exposure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-20T20:16:01.634Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2022-45124",
        "datePublished": "2023-03-20T20:16:01.634Z",
        "dateReserved": "2022-12-02T21:42:11.766Z",
        "dateUpdated": "2024-08-03T14:01:31.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-43663 (GCVE-0-2022-43663)

    Vulnerability from nvd – Published: 2023-03-20 20:16 – Updated: 2024-08-03 13:40
    VLAI
    Summary
    An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
    SSVC
    Exploitation: none; Automatable: no; Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-195 - Signed to Unsigned Conversion Error
    Assigner
    Impacted products
    Vendor Product Version
    WellinTech KingHistorian Affected: 35.01.00.05
    wellintech kinghistorian Affected: 35.01.00.05
        cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:40:06.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1674"
              },
              {
                "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "kinghistorian",
                "vendor": "wellintech",
                "versions": [
                  {
                    "status": "affected",
                    "version": "35.01.00.05"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43663",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T15:29:22.467498Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T15:29:50.814Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "KingHistorian",
              "vendor": "WellinTech",
              "versions": [
                {
                  "status": "affected",
                  "version": "35.01.00.05"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-195",
                  "description": "CWE-195: Signed to Unsigned Conversion Error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-20T20:16:02.048Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2022-43663",
        "datePublished": "2023-03-20T20:16:02.048Z",
        "dateReserved": "2022-11-28T20:48:15.949Z",
        "dateUpdated": "2024-08-03T13:40:06.410Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-20410 (GCVE-0-2018-20410)

    Vulnerability from nvd – Published: 2018-12-24 02:00 – Updated: 2024-09-16 16:18
    VLAI
    Summary
    WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:19.268Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-24T02:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-20410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py",
                  "refsource": "MISC",
                  "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py"
                },
                {
                  "name": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md",
                  "refsource": "MISC",
                  "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-20410",
        "datePublished": "2018-12-24T02:00:00.000Z",
        "dateReserved": "2018-12-23T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:18:42.221Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-43663 (GCVE-0-2022-43663)

    Vulnerability from cvelistv5 – Published: 2023-03-20 20:16 – Updated: 2024-08-03 13:40
    VLAI
    Summary
    An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-195 - Signed to Unsigned Conversion Error
    Assigner
    Impacted products
    Vendor Product Version
    WellinTech KingHistorian Affected: 35.01.00.05
    wellintech kinghistorian Affected: 35.01.00.05
        cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:40:06.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1674"
              },
              {
                "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "kinghistorian",
                "vendor": "wellintech",
                "versions": [
                  {
                    "status": "affected",
                    "version": "35.01.00.05"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43663",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T15:29:22.467498Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T15:29:50.814Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "KingHistorian",
              "vendor": "WellinTech",
              "versions": [
                {
                  "status": "affected",
                  "version": "35.01.00.05"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-195",
                  "description": "CWE-195: Signed to Unsigned Conversion Error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-20T20:16:02.048Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1674"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2022-43663",
        "datePublished": "2023-03-20T20:16:02.048Z",
        "dateReserved": "2022-11-28T20:48:15.949Z",
        "dateUpdated": "2024-08-03T13:40:06.410Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-45124 (GCVE-0-2022-45124)

    Vulnerability from cvelistv5 – Published: 2023-03-20 20:16 – Updated: 2024-08-03 14:01
    VLAI
    Summary
    An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Information Exposure
    Assigner
    Impacted products
    Vendor Product Version
    WellinTech KingHistorian Affected: 35.01.00.05
    wellintech kinghistorian Affected: 35.01.00.05
        cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:01:31.496Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1683"
              },
              {
                "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:wellintech:kinghistorian:35.01.00.05:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "kinghistorian",
                "vendor": "wellintech",
                "versions": [
                  {
                    "status": "affected",
                    "version": "35.01.00.05"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-45124",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T15:54:23.660785Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T15:55:30.541Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "KingHistorian",
              "vendor": "WellinTech",
              "versions": [
                {
                  "status": "affected",
                  "version": "35.01.00.05"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Information Exposure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-20T20:16:01.634Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1683"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2022-45124",
        "datePublished": "2023-03-20T20:16:01.634Z",
        "dateReserved": "2022-12-02T21:42:11.766Z",
        "dateUpdated": "2024-08-03T14:01:31.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-20410 (GCVE-0-2018-20410)

    Vulnerability from cvelistv5 – Published: 2018-12-24 02:00 – Updated: 2024-09-16 16:18
    VLAI
    Summary
    WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:58:19.268Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-24T02:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-20410",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py",
                  "refsource": "MISC",
                  "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/poc.py"
                },
                {
                  "name": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md",
                  "refsource": "MISC",
                  "url": "https://github.com/flypuma/vul/blob/master/kingview/copy_argumengt_overflow/Debugging.md"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-20410",
        "datePublished": "2018-12-24T02:00:00.000Z",
        "dateReserved": "2018-12-23T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:18:42.221Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }